For many small businesses there are considerable restraints on both budget and personnel that can make implementing a good security practice feel like an insurmountable challenge. Recent news gives us a constant reminder of the threats we all face from hactivists, electronic espionage, and good old fashioned script kiddies out to cause damage. These threats are very real and it makes good business sense to reduce your attack surface as much as possible. However, picking the right solution can become a daunting task, especially because of the heavy impact these solutions (and their implementation) can put on already tight margins. With that in mind, here are five steps that any business can take to improve security, without spending a penny.
Let’s start with the basics. Configuring an environment is not just simply plugging everything together and letting it run. However, by making changes and implementing best practice on your network, operating systems, and applications you can significantly reduce your attack surface. BeyondTrust Research has produced a white paper In Configuration We Trust that includes guidance about how you can go about implementing some of these changes. To make life that little bit easier we’ve also produced a free tool that helps you assess your environment for some of the common configuration issues. Both of these free tools are available for download here.
2. Vulnerability Management
All systems have vulnerabilities. There I said it. Sadly this is a product of both human error and human ingenuity. The combination of mistakes made by developers and the increasing ingenuity of the hacker community has led to an inexorable rise in the number of exploitable vulnerabilities that are discovered and announced. Black market exploit tool kits are making it almost childishly simple for attackers to discover and exploit weaknesses in existing systems. It is every organization’s responsibility to keep their environment secure but to do this you need to know what holes exist. Vulnerability management is a great step towards achieving this goal. Retina CS Community edition is a free vulnerability management solution that can scan up to 256 assets and identify any vulnerabilities in configuration, operating system, and installed applications. The solution covers not just servers and desktops but databases, web applications and mobile devices. It also includes data on known exploits in the wild. Knowledge is power, go get some. Download Retina CS Community Free Now.
An Intrusion Detection System is one of those things that many organizations think they should have but never really understand. The solution is designed to track all of the network traffic in and out of your organization and highlight those instances that may be evidence of an attack. Network based appliances can be very expensive but there is an excellent open source alternative. Developed by Sourcefire, Snort®, is an open source network intrusion prevention and detection system (IDS/IPS). Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and nearly 400,000 registered users, Snort has become the de facto standard for IPS. All that is required is a system to host it. Snort can be found here.
There are many, many antivirus solutions available and they all have their pro’s and con’s. Since we’re going for free here there are a couple of options to consider. Assuming you’re running a Microsoft Windows platform you will have access to Microsoft’s Security Essentials. It’s by no means the best of the bunch but since it comes pre-installed it’s very easy to get started with. If you’re looking for something that has more advanced protection, then may I suggest the rather excellent Avast free antivirus, which can be found here. One thing to consider is that most malware attacks are looking to leverage elevated privileges, so by removing these you can decrease your vulnerability surface area considerably. BeyondTrust’s PowerBroker for Windows solution snaps into your existing active directory structure and allows you to elevate applications and processes at a very granular level, effectively removing administrator rights throughout your organization. For more information about PowerBroker for Windows and to begin a free trial visit us here.
All of the solutions I have described above are designed to mitigate risk from a technical perspective and are all very capable of doing so. However they cannot entirely protect you from the threat of social engineering. Phishing attacks are on the rise and these can be either very broad in scope or highly targeted against individuals. The value of an educated workforce that understands the risks cannot be underestimated. Whether it’s a bored office junior browsing the wrong websites or a CEO receiving individually crafted malicious emails, an understanding of the inherent risks of data leakage can greatly improve your response to attacks. Security-aware cultures are not created overnight and it will take time and effort on everyone’s part to achieve. This dedication is always worth the investment. To help make your program a success, SANS has some excellent free resources here.